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- The MAILING DA TE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 

WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )^ Responsive to communication(s) filed on 31 October 2007 . 
2a)S This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^] Claim(s) 1-30 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) H3 Claim(s) 1-30 is/are rejected. 

7) Q Claim(s) L is/are objected to. 

8) D Qaim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objepted to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 



This action is in response to the communication filed on 10/31/07. 
All objections and rejections not set forth below have been withdrawn. 

Claims 1-30 are pending. 

Claim Rejections - 35 USC § 101 



35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 21 - 30 are rejected under 35 U.S.C. 101 because the claimed 
invention is directed to non-statutory subject matter. 

Regarding claims 21 - 30, they comprise a computer program (i.e. see claim 30). 
Computer instructions per se fail to fall within one of the statutory categories of 
invention. Thus, claims 21 - 30 are rejected as being nonstatutory. 



Claim Rejections - 35 USC §112 



The following is a quotation of the second paragraph of 35 U.S.C. 112: 



The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 
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Claims 7, 9, 17, and 27 are rejected under 35 U.S.C. 112, second paragraph, 
as being indefinite for failing to particularly point out and distinctly claim the 
subject matter which applicant regards as the invention. 

Claim 7 recites the limitation "said new ACEs" in line 3. There is insufficient 
antecedent basis for this limitation in the claim. For the purpose of examination, the 
examiner presumes the applicant to refer to "new ACEs". 

Claims 7, 9, 17, and 27 have been rejected for similar reasons as above, and all 
other depending claims have been rejected by virtue of dependency. 



Claim Rejections - 35 USC § 102 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 
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Claims 1-30 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Shaji et al. (Shaji), "Interfaces and Methods for Group Policy Management", U.S. 
Patent Publication 2004/0215650. 

Regarding claim 1 , Shaji discloses: 

making a copy of the security descriptor (par. 18, 91); 

adding a new access control entry (ACE) to the DACL in said copy, wherein said 
new ACE specifies denying the locally privileged group an access right to the securable 
object (par. 18, 19, 89); 

and overwriting the security descriptor in the operating system with said copy 
(par. 18). 

Regarding claim 2, Shaji discloses: 

determining the relative identifier (RID) of the securable object; and finding the 
security descriptor for the securable object based on said RID (par. 1 3, 64). 

Regarding claim 3, Shaji discloses: 

further comprising examining the DACL to discover whether said access right is 
already denied (par. 18). 

Regarding claim 4, Shaji discloses: 

wherein said new ACE is added as the first ACE in the DA CL (fig. 14,15). 
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Regarding claim 5, Shaji discloses: 

wherein the securable object is a group other than the local administrators group 
(par. 4). 

Regarding claim 6, Shaji discloses: 

wherein said group is a domain administrator group (par. 4,5). 
Regarding claim 7, Shaji discloses: 

wherein said domain administrator group is a remotely hosted group, and the 
method further comprising adding said new ACEs to the DACL in said copy to deny all 
local groups said access right to the securable object (par. 4,5,47). 

Regarding claims 8 and 9, Shaji discloses: 

herein said access right includes a right to change permissions of said group and 
wherein said access right also includes a right to view permissions of said group (par. 
10 - herein administrators may create access rights that delegate the ability to modify 
security permissions). 

Regarding claim 10, Shaji discloses: 

wherein a single software tool performs the method (par. 38). 
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Regarding claims 1 1 - 30, they comprise essentially similar recitations, and they 
are rejected, at least, for the same reasons. 

Response to Arguments 

Applicant's arguments filed 10/31/07 have been fully considered but they are not 
persuasive. 

Applicant argues or asserts essentially that: 

(i) With respect to incorrectness, claims 21-30 comprise a system (machine) recited 
as means plus functions. Both manufactures and machines are specifically defined in 
35 U.S.C. 101 to be patentable subject matters, and 35 U.S.C. 112,^6 specifically 
permits claims to be recited in means plus function format. (Remarks, pg. 2) 

In response, the examiner respectfully points out that the applicant does not 
recite a "machine", and the words "system" and "machine" are not equivalents. 

(ii) With respect to claims 7, 17, and 27, we respectfully urge that these are correct 
as they currently read. For example, claim 7 recites "adding said new ACEs to the 
DACL in said copy to deny all local groups said access rights" (underline emphasis 
added here). Claim 7 depends from claim 6, which depends from claim 5, which 
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depends from claim 1, which recites "adding a new access control entry (ACE)." There 
thus is antecedent basis in claim 7 for at least "said new ACE. " However, "local groups" 
is recited in claim 7 as plural because, while there may theoretically be only one local 
group ... (Remarks, pg. 2) 

In response, the examiner respectfully maintains that the claims lack antecedent 
basis for the recitation of "said new ACEs", as may be clearly seen within the claim 
language. The applicant is encouraged to consider recitations that do have antecedent 
support. For example, as admitted by the applicant, there is antecedent support for 
"said new ACE", thus the applicant may properly recite "said new ACE". Alternatively, 
the applicant may decide to recite "new ACEs", as was suggested by the examiner. 

(iii) Shaji nowhere teaches or discusses a discretionary access control list. In fact, 
Shaji does not even use the word "discretionary" anywhere. (Remarks, pg. 3) 

In response, the examiner respectfully points out that the prior art clearly 
discloses an access control list for permissions, thus a "discrectionary" access control 
list (Shaji, par. 91). Furthermore, it is noted that the applicant's nominal recitation of 
"discretionary" must result in a difference between the claimed invention and the prior 
art in order to patentably distinguish the claimed invention from the prior art. If the prior 
art structure is capable of performing the intended use, then it meets the claim. Finally, 
it is noted that the applicant's arguments fail to comply with 37 CFR 1 .1 1 1(b) because 



Application/Control Number: 10/710,491 Page 8 

Art Unit: 2137 

they amount to a general allegation that the claims define a patentable invention without 
specifically pointing out how the language (i.e. the word "discretionary") of the claims 
patentably distinguishes them from the references. 

(iv) Shaji also does not teach an access control entry (ACE). If Shaji did, it would 
presumably have used the industry standard term "access control entry" or acronym 
"ACE, " as it does elsewhere, including [0089]. As for [0089], this is a recitation of 
entirely conventional ACE characteristics and nowhere teaches denying anything, 
specifically not by using a new ACE, specifically not to a locally privileged group, and 
more specifically not all of these also with the other limitations recited in claim 1. 
(Remarks, pg. 3) 

In response, the examiner notes that the applicant's argument appears 
essentially to be based upon an allegation that Shaji does not use the word "ACE" 
within every paragraph of the prior art that was cited by the examiner - thus fails to 
disclose an "ACE". The examiner finds the applicant's reasoning to be unpersuasive. It 
is respectfully noted that the prior art is replete with occurrences of the word "ACE", and 
that the applicant is respectfully encouraged to considered the cited portions of the prior 
art within the context of the entire prior art reference (Shaji, par. 1 - 123). Clearly, as 
may be seen through a consideration of the entire reference of Shaji, Shaji discloses 
that ACEs are used for denying access rights of locally privileged groups (or groups 
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elsewhere with respecting an environment [i.e. a network] for that matter) to securable 
objects (i.e. Shaji, fig. 2, 3; par. 4, 44, 45, 47, 48, 72, etc.). 

(v) Shaji merely teaches loading and mapping to a security descriptor. It teaches 
nothing here about overwriting a security descriptor, and especially not about doing so 
with a copy as prepared in accord with the limitations in the preceding step in claim 1. 
(Remarks, pg. 4) 

In response, the examiner respectfully points out that the prior art clearly 
discloses editing and changing security descriptors so as to comprise new data, thus 
"overwriting" (i.e. see cited portions of prior art, or surrounding portions). 

(vi) For example, the cited paragraphs do not teach a relative identifier (RID), much 
less one used in the specific manner recited in the claim. (Remarks, pg. 4) 

In response, the examiner, respectfully points out that the prior art does disclose 
"a relative identifier" (see for example Shaji par. 13, 64). Applicant's arguments fail to 
comply with 37 CFR 1 .1 1 1(b) because they amount to a general allegation that the 
claims define a patentable invention without specifically pointing out how the language 
of the claims patentably distinguishes them from the references. 
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(vii) However, we have shown above that Shaji does not teach DACL, and the cite 
clearly does not teach examining and discovering steps related to such. (Remarks, pg. 
4) 

In response, the examiner, respectfully points out that the applicant's argument is 
based upon previous unpersuasive arguments. Furthermore, the prior art discloses 
examining the DACL (see for example, par. 18). In response to applicant's argument 
that the references fail to show certain features of applicant's invention, it is noted that 
the features upon which applicant relies (i.e., discovering steps related to such) are not 
recited in the rejected claim(s). Although the claims are interpreted in light of the 
specification, limitations from the specification are not read into the claims. See In re 
Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). 

(viii) Regarding claim 4... (Remarks, pg. 4) 

In response, the examiner respectfully notes that the applicant's arguments are 
based upon prior unpersuasive arguments, and are unpersuasive for the same reasons. 

(ix) The Action here further states "Shaji discloses: wherein the securable object is a 
group other than the local administrators group (par. 4). " This is nonsense. As is well 
known in the art, groups categorize securable objects (e.g., membership in a group, or 
the absence there of, defines the access rights to a securable object). (Remarks, pg. 4). 
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In response, the examiner respectfully notes that the applicant states the 
conclusion, "This is nonsense", and proceeds with the allegation, "As is well known in 
the art, groups categorize securable objects (e.g., membership in a group, or the 
absence there of, defines the access rights to a securable object)." However, 
completely lacking within the applicant's reply is any logical line of reasoning supporting 
the applicant's traversal from an allegation respecting "groups" to a conclusion of 
"nonsense". Accordingly, the examiner respectfully notes that the applicant's argument 
is unpersuasive. 

Furthermore, the examiner points out that the prior art clearly discloses that a 
securable object may be an object other than the local administrators group (i.e. Shaji, 
par. 4 -7, 16, 18, 19, etc..) 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure: 

See Notice of References Cited. 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 
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A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jeffery Williams whose telephone number is (571) 272- 
7965. The examiner can normally be reached on 8:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is (703) 
872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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